1 CLAIMS 
2 

3 What is claimed is: 

4 1. A method comprising the steps of: 

5 employing a virus-free certificate firewall in controlling and 

6 filtering files using a virus-free certificate including: 

7 0 receiving a file; 

8 if a virus-free certificate is required for the file, 

9 determining whether the a virus-free certificate is already 

10 associated with the file; 

11 if a virus-free certificate is already associated with the 

12 file, authenticating the associated virus-free certificate, 

13 said virus-free certificate comprising a certificate 

14 signature; 

15 if the virus-free certificate is authenticated, determining 

16 whether the file is virus-free or not: 

17 if the file is virus-free, forwarding the file with the 

18 associated virus-free certificate; 

19 if the virus-free certificate is not authenticated or if no 

20 virus-free certificate is associated with the file determining 

21 whether the file is virus-free or not; 
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1 if the file is virus-free, associating with the file a new 

2 virus-free certificate, and forwarding the file with the new 

3 virus-free certificate. 

4 2. The method according to claim 1, further comprising the 

5 steps of: 

6 • identifying the file in a table, said table comprising for 

7 each identified file at least one anti-virus criteria; 

8 • referring to the table and retrieving at least one of said 

9 at least one anti-virus criteria, ; and 

10 • determining from said at least one anti-virus criteria 

11 whether a virus-free certificate is required for the file 
Q 12 or not. 

m 13 3. The method according to claim 2, wherein the step of 

W 

Sj 14 referring to the table and retrieving at least one of said at 

]H 15 least one anti-virus criteria includes the step of determining 

ill 

7 16 whether or not the identified file satisfies the requirements 

!"f 17 of the retrieved anti-virus criteria. 

18 4. The method according to claim 1, wherein the virus-free 

\1 19 certificate comprises a file signature for determining that 

20 the file is virus-free. 

21 5. The method according to claim 1, wherein the virus-free 

22 certificate includes a list of anti-virus programs that have 

23 been executed on the file; 
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1 6. The method according to any one of the preceding claims 

2 wherein the virus-free certificate (200) further comprises at 

3 least one of the following: 

4 • a file identification; 

5 • a virus-free certificate authority identification; 

6 • a public key for decrypting the file signature; 

7 • a certificate signature for authenticating the virus-free 

8 certificate; and 

9 • an indication of the virus-free certificate validity. 

10 7. The method according to claim 1, wherein said step of 

11 determining whether the file is virus-free or not includes: 

12 • decrypting the file signature using a public key comprised 

13 in the virus-free certificate; 

14 • hashing the file to generate a file digest; and 

15 • comparing the decrypted file signature with the generated 

16 file digest. 

17 8, The method according to any one of the preceding claims 

18 wherein said step of determining whether the file is 

19 virus-free or not comprises the further step of 

20 • if the file is not virus-free, discarding (413) the file. 

21 9. The method according to claim 1, wherein the step of 

22 authenticating the virus-free certificate includes: 

23 validating the virus-free certificate, and 
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1 verifying that the list of said at least one anti-virus 

2 program comprised in the virus-free certificate is included in 

3 a list of anti-virus programs associated with the file in the 

4 table. 

5 10. The method according to claim 1, wherein the step of 

6 associating with the file a new virus-free certificate 

7 includes the step of requesting a virus-free certificate from 

8 a virus-free certificate authority. 

9 11. The method according to claim 1, wherein the step of 

10 associating with the file a new virus-free certificate 

11 includes the step of retrieving a virus-free certificate from 

12 a cache, said cache storing existing virus-free certificates. 

13 12. The method according to any one of the preceding claims 

14 wherein the step of forwarding the file with the new 

15 virus-free certificate includes updating a cache with the new 

16 virus-free certificate. 

17 13. A system comprising means adapted for carrying out the 

18 method according to claim 1. 

19 14. A computer program comprising instructions for carrying 

20 out the method according to claim 1 . 

21 15. An article of manufacture comprising a computer usable 

22 medium having computer readable program code means embodied 

23 therein for causing employment of a virus-free certificate 

24 firewall, the computer readable program code means in said 

25 article of manufacture comprising computer readable program 
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code means for causing a computer to effect the steps of claim 



1. 



3 16. A computer program product comprising a computer usable 

4 medium having computer readable program code means embodied 

5 therein for causing employment of a virus-free certificate 

6 firewall, the computer readable program code means in said 

7 computer program product comprising computer readable program 

8 code means for causing a computer to effect the steps of claim 

9 1. 

10 17. A program storage device readable by machine, tangibly 

11 embodying a program of instructions executable by the machine 
i=% 12 to perform method steps for employment of a virus-free 

yD 13 certificate firewall, said method steps comprising the steps 

14 of claim 1. 
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